CVE-2023-54108
Description
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
The following message and call trace was seen with debug kernels:
DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error [device address=0x00000002a3ff38d8] [size=1024 bytes] [mapped as single] WARNING: CPU: 0 PID: 2930 at kernel/dma/debug.c:1017 check_unmap+0xf42/0x1990
Call Trace: debug_dma_unmap_page+0xc9/0x100 qla_nvme_ls_unmap+0x141/0x210 [qla2xxx]
Remove DMA mapping from the driver altogether, as it is already done by FC layer. This prevents the warning.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In the Linux kernel's qla2xxx SCSI driver, a DMA-API call trace occurs on NVMe LS requests due to redundant DMA mapping, fixed by removing the mapping handled by the FC layer.
Root
Cause A DMA-API call trace warning was observed in the Linux kernel's qla2xxx driver during NVMe LS (Login Service) requests. The trace indicated that the device driver failed to check a map error before unmapping, leading to a kernel warning. The issue stemmed from the driver performing its own DMA mapping of NVMe LS request data, even though the FC (Fibre Channel) layer already handles this mapping.
Exploitation
Scenario This vulnerability does not represent a security flaw exploitable by an attacker; rather, it is a kernel bug that causes a warning message under certain I/O workloads. No special privileges or network access are required beyond normal system operation, and the impact is limited to a kernel warning and potential debug overhead.
Impact
The primary impact is a kernel warning message and a stack trace, which may degrade system performance due to debug logging and cause unnecessary alarm. In non-debug kernels, the warning is silently suppressed, so the functional impact is minimal. The driver continues to operate, but the redundant DMA mapping could lead to resource leaks or memory corruption in edge cases.
Mitigation
The fix removes the redundant DMA mapping from the qla2xxx driver, relying entirely on the FC layer's mapping. Patches have been committed to the stable Linux kernel trees [1][2]. Users should apply these patches or update to a kernel version containing the fix. No workaround is available other than avoiding NVMe LS operations or using a patched kernel.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
63a564de3a299e596253113b677302fb0e3573ee4f1991c54ad6af2359359c75e6aef5039Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
6- git.kernel.org/stable/c/3a564de3a299856f2cbd289649cea2e20d671a43nvd
- git.kernel.org/stable/c/3ee4f1991c54c6707aa9df47e51c02ea25bb63e3nvd
- git.kernel.org/stable/c/77302fb0e357da666d5249a6e91078feeef3dadenvd
- git.kernel.org/stable/c/ad6af23593594402c826eefdf43ae174e5f0f202nvd
- git.kernel.org/stable/c/c75e6aef5039830cce5d4cf764dd204522f89e6bnvd
- git.kernel.org/stable/c/e596253113b69b4018818260bd5da40c201bee73nvd
News mentions
0No linked articles in our index yet.